In March, I mentioned the Global Technology Audit Guides from the IIA (Institute of Internal Audit). There were seven guides at that time. The next one is out:
Guide 8: Auditing Application Controls
Each year, billions of dollars are spent globally on implementing new or upgrading business application systems. Effective application controls will help your organization to ensure the integrity, accuracy, confidentiality and completeness of your data and systems. It is important for the chief audit executive (CAE) and his or her team to develop and execute audits of application controls on a periodic basis in order to determine whether they are designed appropriately and operating effectively. This IIA's new guidance Auditing Application Control provides internal auditors with the following information.
- What is application control?
- What is the relationship between application control and general controls?
- Why rely on application controls?
- How to scope a risk-based application control review?
- What are the steps to conduct an application controls review?
To further assist CAEs or other individuals who use this guide, we have also included a list of key application controls, a sample audit plan, and a list of some application control review tools.
Christine Bellino, Jefferson Wells,
Steve Hunt, Enterprise Controls Consulting LP
Download a free copy of GTAG 8: Auditing Application Controls (PDF, 2MB)
Download GTAG 8 PowerPoint Slides (PPT, 240KB)